Amida Auth

This is an API allowing authentication and basic authorization using JSON Web Tokens.

Miscellaneous

Resources related to utility actions, such as health checks.

Health Check

Show Health Check
GET /health-check

Example URI

GET /health-check
Response  200
Headers
Content-Type: text/html; charset=utf-8
Body
OK

Users

Resources related to User identity management, such as creating and updating Users. This includes editing user scopes for authorization purposes.

Users Collection

List All Users
GET /user

Get a complete list of users. Must be admin.

Example URI

GET /user
Request
Headers
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTksInVzZXJuYW1lIjoidGVzdDEyMyIsImVtYWlsIjoidGVzdEBhbWlkYS5jb20iLCJzY29wZXMiOlsiYWRtaW4iXSwiaWF0IjoxNTEyNDk2MDIzLCJleHAiOjE1MTI0OTk2MjN9._zAtHmEDw7AGNMuzo1FOUl_QGhB9g1raNnGG-00ZHmw
Response  200
Headers
Content-Type: application/json; charset=utf-8
Body
[
  {
    "id": 19,
    "username": "test123",
    "email": "test@amida.com"
  }
]
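
One way a service can enforce the "Must be admin" rule on a Bearer token like the one above, as an added example (not Amida Auth's own code). `SECRET`, `mint` and `authorize` are hypothetical names and values; the claim names `scopes` and `exp` follow the payload of the page's sample token.

```javascript
// Added example, not Amida Auth's implementation. SECRET and mint() are
// constructed for the demo; claim names follow the page's sample token.
const { createHmac, timingSafeEqual } = require('node:crypto');

const SECRET = 'demo-only-secret'; // constructed value
const b64url = (v) => Buffer.from(v).toString('base64url');
const hmac = (data, key) => createHmac('sha256', key).update(data).digest();

// Demo-only issuer so the example has a token to check offline.
function mint(claims, key = SECRET, header = { alg: 'HS256', typ: 'JWT' }) {
  const body = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  return `${body}.${hmac(body, key).toString('base64url')}`;
}

// Returns the claims if the token is authentic, unexpired and carries `scope`.
function authorize(authorizationHeader, scope, nowSec = Math.floor(Date.now() / 1000)) {
  const m = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(authorizationHeader || '');
  if (!m) throw new Error('malformed Authorization header');
  const [, h, p, sig] = m;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(h, 'base64url').toString());
    claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  } catch {
    throw new Error('undecodable token');
  }
  // Pin the algorithm: the token must not choose how it is verified.
  if (header?.alg !== 'HS256') throw new Error('unexpected alg');
  // Constant-time comparison of the recomputed and presented signatures.
  const expected = hmac(`${h}.${p}`, SECRET);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  if (typeof claims?.exp !== 'number' || claims.exp <= nowSec) throw new Error('expired');
  if (!Array.isArray(claims.scopes) || !claims.scopes.includes(scope)) {
    throw new Error('forbidden');
  }
  return claims;
}
```
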

Create New User
POST /user

Create a single new user by providing username, password, and email info. TODO: should not create scopes by default; this is a security risk.

Example URI

POST /user
Request
Headers
Content-Type: application/json; charset=utf-8
Body
{
  "username": "test123",
  "email": "test@amida.com",
  "password": "testpass",
  "scopes": [
    "admin"
  ]
}
Response  200
Headers
Content-Type: application/json; charset=utf-8
Body
{
  "id": 17,
  "username": "test123",
  "email": "test@amida.com",
  "scopes": [
    "admin"
  ]
}
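
The risk flagged in the TODO, shown as an added example (not Amida Auth's own code): a permissive create handler stores the caller-supplied `scopes`, while a hardened one allow-lists fields and leaves scope changes to a separate admin-only grant. All function names are hypothetical, and the admin-only rule for `PUT /user/scopes/:userId` is an assumption the page does not state.

```javascript
// Added example, not Amida Auth's code: field handling for POST /user.
// Password hashing is out of scope here.
const CREATE_FIELDS = ['username', 'email', 'password'];

// Permissive form: whatever the body carries is stored, including "scopes".
// This is the behaviour the TODO flags.
function newUserPermissive(body) {
  return { ...body };
}

// Hardened form: copy only allow-listed fields, start with no scopes, and
// report what was dropped so the attempt can be logged.
function newUserHardened(body) {
  const user = { scopes: [] };
  for (const field of CREATE_FIELDS) {
    if (typeof body[field] !== 'string' || body[field] === '') {
      throw new Error(`invalid ${field}`);
    }
    user[field] = body[field];
  }
  const dropped = Object.keys(body).filter((k) => !CREATE_FIELDS.includes(k));
  return { user, dropped };
}

// Scopes change only through an explicit grant by a caller who already holds
// "admin" (assumed rule for PUT /user/scopes/:userId).
function grantScopes(caller, user, scopes) {
  if (!Array.isArray(caller.scopes) || !caller.scopes.includes('admin')) {
    throw new Error('forbidden');
  }
  if (!Array.isArray(scopes) || !scopes.every((s) => typeof s === 'string')) {
    throw new Error('invalid scopes');
  }
  return { ...user, scopes: [...new Set(scopes)] };
}

// Request body from the page's POST /user example.
const SAMPLE_BODY = {
  username: 'test123', email: 'test@amida.com', password: 'testpass', scopes: ['admin'],
};
```
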

Single User Actions

Get Single User
GET /user/:userId

Get a single user by ID. Must be admin.

Example URI

GET /user/:userId
Request
Headers
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTksInVzZXJuYW1lIjoidGVzdDEyMyIsImVtYWlsIjoidGVzdEBhbWlkYS5jb20iLCJzY29wZXMiOlsiYWRtaW4iXSwiaWF0IjoxNTEyNDk2MDIzLCJleHAiOjE1MTI0OTk2MjN9._zAtHmEDw7AGNMuzo1FOUl_QGhB9g1raNnGG-00ZHmw
Response  200
Headers
Content-Type: application/json; charset=utf-8
Body
{
  "id": 19,
  "username": "test123",
  "email": "test@amida.com",
  "scopes": [
    "admin"
  ]
}

Update User
PUT /user/:userId

Update a single user’s email by ID. Must be admin or the user being updated.

Example URI

PUT /user/:userId
Request
Headers
Content-Type: application/json; charset=utf-8
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTksInVzZXJuYW1lIjoidGVzdDEyMyIsImVtYWlsIjoidGVzdEBhbWlkYS5jb20iLCJzY29wZXMiOlsiYWRtaW4iXSwiaWF0IjoxNTEyNDk2MDIzLCJleHAiOjE1MTI0OTk2MjN9._zAtHmEDw7AGNMuzo1FOUl_QGhB9g1raNnGG-00ZHmw
Body
{
  "email": "new@amida.com"
}
Response  200
Headers
Content-Type: application/json; charset=utf-8
Body
{
  "id": 19,
  "username": "test123",
  "email": "new@amida.com",
  "scopes": [
    "admin"
  ]
}

Delete User
DELETE /user/:userId

Delete a single user by ID. Must be admin.

Example URI

DELETE /user/:userId
Request
Headers
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTksInVzZXJuYW1lIjoidGVzdDEyMyIsImVtYWlsIjoidGVzdEBhbWlkYS5jb20iLCJzY29wZXMiOlsiYWRtaW4iXSwiaWF0IjoxNTEyNDk2MDIzLCJleHAiOjE1MTI0OTk2MjN9._zAtHmEDw7AGNMuzo1FOUl_QGhB9g1raNnGG-00ZHmw
Response  204

User Scopes

Update User Scopes
PUT /user/scopes/:userId

Example URI

PUT /user/scopes/:userId
Request
Headers
Content-Type: application/json; charset=utf-8
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6InRlc3QxMjMiLCJlbWFpbCI6InRlc3RAYW1pZGEuY29tIiwic2NvcGVzIjpbImFkbWluIl0sImlhdCI6MTUwNjUzNDE5NywiZXhwIjoxNTA2NTM3Nzk3fQ.wnjoNrllnvx2EL411bRRMSemPxuNdeq5VXxXjpYl67E
Body
{
  "scopes": [
    "admin",
    "new"
  ]
}
Response  200
Headers
Content-Type: application/json; charset=utf-8
Body
{
  "id": 17,
  "username": "test123",
  "email": "test@amida.com",
  "scopes": [
    "admin",
    "new"
  ]
}

Me

Get Logged-in User
GET /user/me

Get profile info of the logged-in user (i.e. the user identified by the provided JWT).

Example URI

GET /user/me
Request
Headers
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTksInVzZXJuYW1lIjoidGVzdDEyMyIsImVtYWlsIjoidGVzdEBhbWlkYS5jb20iLCJzY29wZXMiOlsiYWRtaW4iXSwiaWF0IjoxNTEyNDk2MDIzLCJleHAiOjE1MTI0OTk2MjN9._zAtHmEDw7AGNMuzo1FOUl_QGhB9g1raNnGG-00ZHmw
Response  200
Headers
Content-Type: application/json; charset=utf-8
Body
{
  "id": 19,
  "username": "test123",
  "email": "test@amida.com",
  "scopes": [
    "admin"
  ]
}

Auth

Resources related to authentication, such as login and password changes.

Login

Authenticate For JWT
POST /auth/login

Example URI

POST /auth/login
Request
Headers
Content-Type: application/json; charset=utf-8
Body
{
  "username": "test123",
  "password": "testpass"
}
Response  200
Headers
Content-Type: application/json; charset=utf-8
Body
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6InRlc3QxMjMiLCJlbWFpbCI6InRlc3RAYW1pZGEuY29tIiwic2NvcGVzIjpbImFkbWluIl0sImlhdCI6MTUwNjUzNDE5NywiZXhwIjoxNTA2NTM3Nzk3fQ.wnjoNrllnvx2EL411bRRMSemPxuNdeq5VXxXjpYl67E"
}

Update Password

Submit New Password
POST /auth/update-password

Example URI

POST /auth/update-password
Request
Headers
Content-Type: application/json; charset=utf-8
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6InRlc3QxMjMiLCJlbWFpbCI6InRlc3RAYW1pZGEuY29tIiwic2NvcGVzIjpbImFkbWluIl0sImlhdCI6MTUwNjUzNDYwMywiZXhwIjoxNTA2NTM4MjAzfQ.l0I_BJAdpmaw4EwlZmJzqhC4J6O5mZimRnJ7YB4YI-g
Body
{
  "password": "newerpass"
}
Response  200
Headers
Content-Type: text/plain; charset=utf-8
Body
OK

Reset Password Initiation

Submit Reset Password Request
POST /auth/reset-password

In non-test environments, sends a password reset link to the user’s email.

Example URI

POST /auth/reset-password
Request
Headers
Content-Type: application/json; charset=utf-8
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6InRlc3QxMjMiLCJlbWFpbCI6InRlc3RAYW1pZGEuY29tIiwic2NvcGVzIjpbImFkbWluIl0sImlhdCI6MTUwNjUzNDYwMywiZXhwIjoxNTA2NTM4MjAzfQ.l0I_BJAdpmaw4EwlZmJzqhC4J6O5mZimRnJ7YB4YI-g
Body
{
  "email": "test@amida.com"
}
Response  200
Headers
Content-Type: text/plain; charset=utf-8
Body
OK

Reset Password

Submit New Password
POST /auth/reset-password/:token

In non-test environments, this should only be executed by clicking the password reset link.

Example URI

POST /auth/reset-password/:token
Request
Headers
Content-Type: application/json; charset=utf-8
Body
{
  "password": "newerpass"
}
Response  200
Headers
Content-Type: text/plain; charset=utf-8
Body
OK

Facebook Login

OAuth Login
GET /auth/facebook

Example URI

GET /auth/facebook
Request
Headers
Content-Type: application/json; charset=utf-8
Body
{
  "username": "test123",
  "password": "testpass"
}
Response  302
Headers
Location: https://www.facebook.com/dialog/oauth?response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A4000%2Fapi%2Fv0%2Fauth%2Ffacebook%2Fcallback&scope=email&client_id=SOMEID

Generated by aglio on 05 Dec 2017